Security Architecture Design - Online

ONL-212

the most hands on and highly technical logical and physical data recovery course available anywhere

Course Overview

Learn the essentials of Enterprise Security Design for security engineering with this hands on information security course. This course will bring you up to speed on the latest security-specific architecture.

Most importantly, Enterprise Security Architecture and Design Online course shows you to implement the myriad of security technologies available on the market today in an effective and cost efficient manner. 

The Enterprise Security Architecture and Design Online course is the online version of InfoSec Institute's Instructor-Led Enterprise Security Architecture and Design class. Many online or CBT training offerings are simply a recording of a talking head. InfoSec Institute's Application Security Online includes a shipment of software that is loaded onto your computer, which allows you to complete over 30 hours of hands-on lab exercises! Not only do you get high quality instruction from an expert instructor, with InfoSec Institute, you also perform hands-on lab exercises that allow for real knowledge transfer.

Some of the benefits of Data Recovery Online are:

  • Attend the exact same course as the Instructor-Led Enterprise Security Architecture and Design Online course in an online format.
  • Interact with over 44 online modules, taught by an expert instructor at your leisure via the Internet at home or work.
  • We ship you a number of Virtual Machines (VMs) pre-installed with hundreds of tools and scripts that you use to perform over 21 hands-on lab exercises. These are the same lab exercises as the instructor-led class.
  • Get online guidance while you perform the lab exercises, the labs have been recorded from start to finish.

 

Required Prerequisites:

  • Workstation with Windows Vista, 7 or XP, 4GB RAM, 30 GB free hard drive space
  • Windows 2000 Server installation disk
  • Access to High Speed Internet connection

 

 

 

 

 

 

 

  • Top Instructors
  • 30 Hours of Hands On Labs
  • Hundreds of tools loaded onto VMs for you
"I was blown away by the instructor's knowledge and expertise. ... Would recommend to anyone thinking about being a pen tester"

Connie Brown

United States Air Force

Security Architecture Design Topics:

A detailed outline of this course follows:

Module 1—Human Factors of Security
The human factors that make implementing security difficult; Primary personality types
encountered and their motivations for (or against) security initiatives; how social awareness can help corporate security efforts succeed.

Module 2—Objectives of Security
The Active Defense approach to security; “Defense in Depth” model; Interaction between written and electronic policy; Layered approach to security including Perimeter Security, Network Security, Host Based Security, and Human Awareness

Module 3—What The Hackers Know
Information on some of the quick and easy tools available for finding information that can be used in a more coordinated attack by hackers; Some common tools that identify network assets; How to show both technical and business
managers the amount of information that is
exposed via the network

Lab—CHEOPS, Site TelePort Pro, NTOP, NmapFE, KMAP Module 4—Enemies and Their Motivation
The most common hacker personality types; The reasons they participate in these activities;
Common targets for these individuals

Module 5—Assessing Vulnerabilities
Practical application of risk assessment to an organization; Basic understanding of vulnerability
categories; Conducting an assessment; Commonly found weak links in an assessment; Reviewing how ‘breaking’ into your own network can be a practical way to get an accurate assessment of your risk

Lab—Vulnerability Assessment, exploit usage and windows password weaknesses

Module 6—Objectives of Risk Management
Identifying specific areas where safeguards are needed to prevent deliberate or inadvertent unauthorized disclosure, modification, or unauthorized use of information, and denial of service

• How much protection is required
• How much exists
• The most economical way of providing it
• Reducing the identified risk to an acceptable level

Lab—Risk Assessment and Costs

Module 7—Defining Security Policy
Developing computer security policies and procedures for Corporations that have systems connected to the Internet. Provide practical guidance to administrators trying to secure their information and services.

Module 8—Developing Electronic Policy
Security tools by and large require that you create electronic policies from the written security policy in order to enforce compliance on the network we examine e-policies, often referred to as electronic or enforceable policies, and how they are used.

Lab—Translate Written Policy into E-Policy

Module 14—Identifying Attack Signatures

• Identifying signature by category of attack
• Identifying normal attack flow
• Identifying inspection and evasion of IDS
• Identifying potential false positives of IDS
• Identifying limitations in IDS monitoring

Lab—Integrity verification and log monitoring
Module 9—Policy Enforcement with Technology
Keeping the organization in compliance with their policies; Training and awareness programs;
Enforcement using technical tools, Checking compliance and enforcing policy

Lab—Responding to CERT Alerts

Module 10—Electronic Policy Baselines for Systems
Developing good security through system baselines; Using scripts to automate baseline implementation; Tools for detecting system changes

Lab-Security Configuration Manager

Module 11—Structured Monitoring
Identifying policy and procedures; Log procedures using the Defense in Depth model; Identifying Critical and Weak link systems; Centralized, Remote, and
Decentralized Monitoring; Hardening the Monitoring Stations; Minimizing Management Consoles

Module 12—Intrusion Detection and Centralized Monitoring
Setup of a centralized monitoring system for a corporation; Identify cost effective placement of
monitoring devices; Remote administration of monitoring systems

Lab—Snort & Packet Analysis

Module 13— Overcoming Difficulty in Monitoring
Intrusion Detection: Differentiation of what is relevant to the Intrusion sequence, what is not relevant, and what is not part of the sequence.

Lab—Analyzing Attacks

Module 15—Justifying the Cost of Security
A business case is made for Return of Security Investment by showing some areas where security saves money on labor and other items.

Module 16—Incident Investigation Methods
Incident investigation: the process, tools, and methods

• Avoiding “contaminating” evidence
• Definitions of common response terms
• Identification of business and legal considerations
• Understanding of the time sensitivity of response

Module 17—Understanding the Logs
Tools and methods for identifying critical information contained in the log files

Lab—IIS Log Analysis

Module 18—Security Planning for Electronic Business
Overview of the considerations necessary to securely and successfully implement electronic business over the Internet. Identifying the business structure required for conducting electronic business, identifying and minimizing the threats to electronic commerce, including threats that may involve electronic commerce ‘partners’.

Required Prerequisites:
  • Workstation with Windows Vista, 7 or XP, 4GB RAM, 30 GB free hard drive space
  • Windows 2000 Server installation disk
  • Access to High Speed Internet connection


See what our students are saying

  • Mario Rodrguez

    U.S. ARMY

    "you have set the standard"

    "You have set the standard for instruction. Innovative and teaches you how to think through a problem with sound logic."


    Find out more
  • "...well worth the money"

    "It was fantastic! I learned more then i could have ever dreamed! even if I dont pass the exam the knowledge i got was well worth the money I spent!! and i had a good time leanring as well!"


    Find out more
  • "nice to have a dedicated training laptop provided"

    "I got a lot out of the real world scenarios presented in class. Jeremy is very knowledgeable in the field of penetration testing. Would definitely take classes again if he is the instructor. The course books are a great reference, and it was nice to have a dedicated training laptop provided by Infosec and not have to bring my own and waste time installing programs during class"


    Find out more
  • Rummy Dabgotra

    MTS Allstream

    "invaluable to my career"

    "Dan is an excellent instructor and incredibly knowledgeable. Great presenter and very helpful. The course was very intense but well structured. The hours were long but it really allows you to get your head wrapped around it. Slide notes were very good as well as the lab pre-info. The labs tied well into the course. The content and knowledge gained will be invaluable to my career."


    Find out more

Pricing

Call (866)-471-0059 or fill out this short form for current pricing

 

  • Learn the essentials of Enterprise Security Design for security engineering with this hands on information security course. This course will bring you up to speed on the latest security-specific architecture.

 

OUR STUDENTS SAY:
InfoSec Institute has an excellent instructor and this is the best IT security class I have ever taken. His knowledge and method of teaching are unsurpassed.